Search CVE reports
81 – 90 of 243 results
Some fixes available 4 of 5
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it...
1 affected package
perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | Fixed | Fixed |
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.
1 affected package
libconvert-asn1-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libconvert-asn1-perl | Not affected | Not affected | Vulnerable | Vulnerable |
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
1 affected package
libperlspeak-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libperlspeak-perl | Not in release | Not in release | Not in release | Vulnerable |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
1 affected package
libmp3-info-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libmp3-info-perl | — | — | — | Ignored |
_is_safe in the File::Temp module for Perl does not properly handle symlinks.
2 affected packages
perl, libfile-temp-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | — | — |
| libfile-temp-perl | — | — | — | — |
Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.
1 affected package
libparallel-forkmanager-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libparallel-forkmanager-perl | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
2 affected packages
libmodule-metadata-perl, perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libmodule-metadata-perl | — | — | — | — |
| perl | — | — | — | — |
Not in release
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
1 affected package
libdata-uuid-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libdata-uuid-perl | — | — | — | — |
SQL injection vulnerability in Jifty::DBI before 0.68.
1 affected package
libjifty-dbi-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjifty-dbi-perl | — | — | — | — |
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which...
1 affected package
libpoe-component-irc-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpoe-component-irc-perl | — | — | — | — |